Total
12879 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20048 | 2 Google, Mediatek | 11 Android, Mt5816, Mt5835 and 8 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502. | |||||
| CVE-2022-20047 | 2 Google, Mediatek | 11 Android, Mt5816, Mt5835 and 8 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489. | |||||
| CVE-2022-20040 | 2 Google, Mediatek | 39 Android, Mt6735, Mt6737 and 36 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150. | |||||
| CVE-2022-20038 | 2 Google, Mediatek | 9 Android, Mt6833, Mt6853 and 6 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183335; Issue ID: ALPS06183335. | |||||
| CVE-2022-20030 | 2 Google, Mediatek | 17 Android, Mt6781, Mt6785 and 14 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793. | |||||
| CVE-2022-20028 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663. | |||||
| CVE-2022-20027 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; Issue ID: ALPS06126826. | |||||
| CVE-2022-20026 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; Issue ID: ALPS06126827. | |||||
| CVE-2022-20025 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; Issue ID: ALPS06126832. | |||||
| CVE-2022-20009 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213172319References: Upstream kernel | |||||
| CVE-2022-1943 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially | |||||
| CVE-2022-1920 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. | |||||
| CVE-2022-1890 | 1 Lenovo | 12 Thinkbook 14-iil, Thinkbook 14-iil Firmware, Thinkbook 14-iml and 9 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | |||||
| CVE-2022-1888 | 1 Fujielectric | 2 Alpha7 Pc Loader, Alpha7 Pc Loader Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-1886 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-1876 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1841 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 7.2 HIGH |
| In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. | |||||
| CVE-2022-1737 | 1 Pyramidsolutions | 4 Netstax Ethernet\/ip Adapter Development Kit, Netstax Ethernet\/ip Adapter Dll Kit, Netstax Ethernet\/ip Scanner Development Kit and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition. | |||||
| CVE-2022-1733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | |||||
| CVE-2022-1638 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||